Sunday, 11 July 2010

OWASP Talk Dublin June 30th 2010

Here is the link to the talk that I gave at the OWASP Dublin meeting held on June 30th 2010. The title was:

"Define Security Requirements - A practical approach "

The link is about half-way down (JUN 2010) on the OWASP Ireland page.

The actual slides from the presentation are here.

In the talk I outline some steps that you should take at the beginning of a web development project to help you define security requirements. There are also some suggestions for good practice in relation to session management.

Finally, I have some slides about the User Life Cycle good practices, which I never got to during the talk. This section suggests good practices around the various stages:
  • Identification
  • Registration/Enrolment
  • Logon/Logoff
  • Forgotten Password Mechanism
  • Logoff/Account Deletion



Social: del.icio.us DiggIt! Reddit Stumble Google Bookmarks Technorati Slashdot

No comments:

Post a comment